package com.txby.wrApi.component.interceptor;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@WebFilter(urlPatterns = "/*", filterName = "xssAndSqlFilter")
public class XssAndSqlFilter implements Filter {
	FilterConfig filterConfig = null;
	private static Logger logger = LoggerFactory
			.getLogger(XssAndSqlFilter.class);

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain filterChain) throws IOException, ServletException {
		HttpSession session = ((HttpServletRequest) request).getSession();
		// 获得用户请求的URI
//		String path = ((HttpServletRequest) request).getRequestURI();
		String path=((HttpServletRequest) request).getServletPath();
		path=path.substring(path.lastIndexOf("/")+1, path.length());
		// 项目路径
		String contextPath = ((HttpServletRequest) request).getContextPath();
		// 请求路径
		String contextPath2 = ((HttpServletRequest) request).getServletPath();
//		String url = path.substring(contextPath.length());
		/*Gzz01UserData user = (Gzz01UserData) session.getAttribute("sysuser");
		if (path.contains("login.jsp")
				|| path.contains("file_manager_json.jsp")|| path.contains("400.jsp")|| path.contains("500.jsp")|| path.contains("error.jsp")
				|| path.contains("upload_json.jsp")||path.contains("image.jsp")||path.contains("reloading.jsp")||path.contains("tlogin.htm")||path.contains("checkImageValue.htm")||path.contains("login.htm")
				||path.contains("logOut.htm")||path.contains("error.htm")||path.contains("signUser.htm")
				||path.contains("checkPassWord.htm")||path.contains("signUserSave.htm")||path.contains("isExist.htm")||path.contains("isExistRegUser.htm")||path.contains("updatePassWord.htm")||path.contains("reloading.htm")||path.contains("isExistRegUser.htm")
				||path.contains("tlogin.htm")||path.contains("login.jsp")||path.contains("reloading.jsp")
				) {
				if(path.contains("tlogin.htm")||path.contains("login.jsp")||path.contains("reloading.jsp")){
//				((HttpServletRequest) request).getSession().removeAttribute("sysuser");
//				((HttpServletResponse) response).sendRedirect(contextPath
//						+ "/login/tlogin.htm");// 跳转jsp过滤直接访问
//				filterChain.doFilter(request, response);
				}
				filterChain.doFilter(request, response);
			
		}else if (user == null) {
			try {
				logger.warn("IP: " + GetIp.getIpAddr((HttpServletRequest)request) + " 于 " + Times.getTimes()
						+ "尝试登录");
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
			((HttpServletResponse) response).sendRedirect(contextPath
					+ "/login/reloading.htm");// 跳转jsp过滤直接访问
		} else {
			XssAndSqlHttpServletRequestWrapper xssRequest = new XssAndSqlHttpServletRequestWrapper(
					(HttpServletRequest) request);
			filterChain.doFilter(xssRequest, response);
		}
		*/
/*		XssAndSqlHttpServletRequestWrapper xssRequest = new XssAndSqlHttpServletRequestWrapper(
				(HttpServletRequest) request);
		filterChain.doFilter(xssRequest, response);*/
		filterChain.doFilter(request, response);

	}

	public void destroy() {
		this.filterConfig = null;

	}

	public void init(FilterConfig filterConfig) throws ServletException {
		this.filterConfig = filterConfig;

	}

}
